to refuse to allow school to take DSs fingerprints for new fingerprint technology?

[ChaoticEvil]

DS1 & DS2 attend the same secondary school. Currently the school has a system of using key cards in order to get into the buildings and to buy lunch. They (I) pay an exorbitant fee when they lose the card, but they are easily replaced by filling in a form and the old cards blocked from being used. All fine.

The school wants to move to a fingerprint recognition system from September and plan to start taking all fingerprints over the last few weeks of this term. Apparently the actual fingerprint image won't be stored, but instead an algorithm based on unique points which have been taken from the image of the fingerprint.

I can't quite say why I am uncomfortable with this but I am.

AIBU to refuse to allow it? What would happen then?

Or assuming IABU can somehow help me allay my weird feeling about it!

[Booksandwine80]

My gym does this, great for me as I forget most things

[Faultymain5]

How anyone could watch the Mad Cow Disease documentary last night and conclude the government or big business can be trusted with anything much less our data is beyond me. However, @SolitudeAtAltitude is right. Doesn't mean you have to go quietly into the night. But really it's not the 80s anymore.

[SolitudeAtAltitude]

OP, have you ever used the NHS, been to a GP?

They store patient information, often on such a rickety old system (windows XP) which is not even supported by Microsoft anymore, can be hacked easily and all the data is probably already in the hands of the Russians or the Chinese

Same with websites such as BA which store your data (incl. Passport number) which has recently been hacked.

If you ever use Google, Facebook etc it will have created a profile, which has already been sold to the highest bidder (corporations who want to sell you stuff)

For most of us, ALL data is public. Privacy is a thing of the past. In that context, a finger print is neither here nor there

I understand your concern

It's a valid one

But for all of us participating in modern life online, that ship has sailed.

[AlwaysSkint]

@MyOpinionIsValid I am mid 20s and none of the 3 secondary schools (all in different areas of the country) used biometrics.

[Jamiefraserskilt]

I refused consent. They gave him a pin number instead.
That was after dc1 had easily accessed the school records system and written a report with suggestions for improving system and data security. They shut the system down to implement his suggestions. He was 13.

[Barbie222]

I wish this kind of thing was more widely available. I recently accidentally cut up the wrong card and couldn't get money out for ages. Wish I could have paid with my thumb. Bring on the future!

[MsJaneAusten]

I see no advantage to moving to a fingerprint

No, because you’re not the poor sod who has to do a ‘card check’ of their form group once a week, report issues (usually in a different place to where you report any other issues), nag pupils to get the cards out of their bags to check, track down pupils who leave the card in your classroom, remind little Johnny that it’s really not ok to hide Quentin’s card...

They can’t lose their thumbs. Or claim to have left it at home. Or steal someone else’s.

I was wary when this was bought in at the first school I worked in, and used a card instead for the first year, but I’ve since accepted how much more efficient it is. I do carry hand sanitiser everywhere though!

[SamBeckett]

@Alix
Or are scanner pads inhabited by special killer germs?
Yes the palm scanners that we have have silver implanted

[Whosorrynow]

a handy database of people's movements over extended periods
Intuition is rarely a good guide with these types of things, we forget about metadata and fail to understand the implications of new technologies

[SamBeckett]

pisspawpatrol I am glad I am not the only one that did not know this !

I work in a high security building , we have iris scans , weight sensors , 6 digit code to be used in conjunction with a swipe card , and for the higher security areas full palm prints as well , it takes bloody ages to actually get to your work station.

[Goldenbear]

I didn't allow my son to have his fingerprint used for the cashless catering system, he has a card instead. I am surprised to hear that in some schools the lawful basis for processing biometric data is not 'consent' and that there is no right to object.

[TheCrowFromBelow]

But I don't know that I'd resist it unless until they start doing things like 'We noticed you chose an unhealthy option at lunch time, we are sending you some dietary advice' or 'You didn't eat your vegetables today so your purchase of pudding has been cancelled'...
That already happens to DS1 in our house when I check on the app to see what he’s had to eat Big Mother is watching you.
I actually just Lena since gone off to buy a load of iced tea in the supermarket as that is where a high % of his spend is going but yes - this could happen.
I think that about my nectar card and tracking eating and drinking habits as well sometimes.
Our school has an alternative OP, they have a card system for those that don’t want to use fingerprints.

[Zilla1]

@MollyButton, yes, though I was thinking of the alternative, if the application provider takes the data offshore to process.

I think, in theory, GDPR requires any EU-based IT provider that the school uses to ensure offshored data is subject to equivalent protections.

In practice, if the data is 'shipped' for processing in the US or another jurisdiction, the reality can differ.

[MitziK]

If there is an issue - for example, with investigating a crime - the fingerprint records would be used. I can't see the immigration/hostile environment turning their noses up at the opportunity either.

To give a real life example, when Oyster Cards were being introduced, they were punted as being quick, convenient and safer for bus drivers. Yes, but they also provide the police, benefits investigators and anybody else the government wants to allow access to a handy database of people's movements over extended periods. Adding contactless payments from cards to the scheme provides absolute verification of a holder's identity, as does topping an Oyster up using a card. It's easy to see that at x time, this card went through x gate and then CCTV can be pulled up to show the person, etc.

The usefulness of Oyster travel is undeniable, but with six months of the 'oh, it's easy', the first prosecutions with Oyster use being submitted as evidence were being reported.

I'm sure that fingerprint entry and lending in schools would be convenient, but it is definitely providing immigration, the police and any other company/group/authority the government wishes to sell allow access to, a fuck ton of data that wouldn't normally be taken.


If I'm required to do it for a job, such as one in government or somewhere secure, fair enough. Or if they add it to the requirements for driving licenses or passports, fair enough. But to get into the bloody canteen or front door of a secondary? Nah.

[MollyButton]

Zilla1 - as far as I know if the data is held at any point in the EU then GDPR holds - I know some people from the US have rights to data under our data protection acts as their data is held in UK Data centres.

[Zbag14]

Also, surely you won't have a choice? If they've decided its happening then its happening, I highly doubt they'll change their mind to accommodate the preferences of you and your children.

[Zbag14]

Yabu.

[Zilla1]

@PCohle - Thank you.

[Zilla1]

I'd be perhaps more concerned or at least differently concerned if it's an external supplier holding the data, especially if offshore. There are protections under GDPR though sometimes if offshore, these can be more in writing than in practice (assurance of off shore cloud-based solutions suppliers can be hair raising).

[ChaoticEvil]

Wow lots of responses since this morning and actually given me lots to think about!

I think the bottom line is I don't know enough about it which is something I obviously need to correct, its just the whole, sign this form they are being taken next week doesn't sit well with me.

I'm going to email the school I think and ask some questions and see what their response is. Tbf if its an external company holding the data that would actually reassure me as the school are rubbish!

I am obviously (on the balance of responses) being ridiculous but I just can't shake the feeling of wanting to say Hell No!

[FuriousCheekyFucker]

@Faultymain5

That's fine to have more than one objection! In complex issues there usually are multiple issues that need adressing.

I believe that in a lot of cases the problems are caused by there not being enough information or education on the matter, and the public are then scared of what they don't know, more than anything else.

I also believe it's the job of those wanting to make the changes to ensure the information and education is out there in a transparent, reachable form.

What I can't stand is when the information is published and accessible but folk decide they can't be bothered to learn about things - those who oppose change due to their own laziness. I'm in no way accusing you of that, but there are plenty of examples out there!

[JassyRadlett]

The trouble with the ‘it’s just biometrics, it’s totally safe’ narrative is that we just don’t know yet. Biometrics are not widely enough deployed across applications to have a full picture of potential future issues.

I’m pretty comfortable around biometrics and, with some decent assurances around data collection, storage and disposal, would probably let my kids do this on a balance of risk and benefit.

But the ‘biometrics are so safe!’ thing is pretty naive, and many fintech and govtech specialists are looking into second and third level protections for biometric data simply because it isn’t invariably safe.

[Faultymain5]

@FuriousCheekyFucker For me it's a combination. I think I can have more than one objection. I was pointing out it made life easier for parents and kids and that kids literally don't have to think about anything for themselves.

I'm happy to be called a technophobe, if it makes people feel happier. It makes it easier to ignore me. And everyone wants a easier happier life. On subjects like sweetners v sugar, organic v non organic I'm always on the fringe, I was once called contrary for the sake of being contrary.

[Direwolfwrangler]

It depends on the system being used but the school themselves are unlikely to hold the data. As others have stated the actual fingerprint is not actually held.

If you are concerned, I would ask to see the company’s Privacy Policy. The school should also have completed a Privacy Impact Assessment to document the risks and how they will be mitigated. I would only be concerned if the PIA hasn’t been done.

[browzingss]

I think you’re being paranoid. If somehow the data leaks and somehow your son’s fingerprint is exposed to the world, what do you actually think would happen? You have to bare in mind that it’s impossible to use the stored image/data of his fingerprint in a physical form so he wouldn’t framed for crimes he didn’t commit via ‘planted fingerprints’ for example.

The school probably is already monitoring purchases and tap ins via the prepaid cards or whatever system is in place now - using fingerprints instead isn’t necessarily the start of mass surveillance. I think you’re being a bit of a technophobe.

When I used to work in bloody retail, we had a fingerprint system for signing in/out, can’t say that my life has been negatively impacted as a result.